Improves security with a multi-layered protection approach

Overview

To improve the safety of in-house systems which directly and indirectly support online banking. To respond to targeted attacks not covered by the bank’s existing anti-virus.

Adding network visualization functions to existing security solutions has strengthened multi-layered protection. New threats such as targeted attacks are detected swiftly and accurately. A sense of security provided by the support of Trend Micro, which includes analyzed log reports.

Challenges

According to Tatsuya Fukushima of Sony Bank’s Systems Planning Department, “Sony Bank is a dedicated online bank which provides every kind of financial product and service. Our service site offers several customer-facing asset management tools to support linchpin services such as foreign currency deposits and home loans.”

Since launching its services in 2001, Sony Bank has continually expanded and enhanced the IT infrastructure that underpins its core business. In particular, the information security solutions which guarantee customer safety when using the bank’s services are critical. Consequently, Sony Bank has been actively adopting various technologies prior to the other banks in the industry, including one-time hard token passwords and 2-step identification for user authentication. Similarly, the bank proactively implements security solutions for its in-house systems responsible for back-end tasks. Endpoint solutions such as URL filtering, along with antivirus provided by Trend Micro™ OfficeScan™, has helped with critical elements of network security and accurate device management.

“However, new threats such as targeted attacks are increasing, and it is not really possible to prevent these kinds of attacks with existing security solutions. It is too late to put security solutions in place after the damage has been done. In the financial sector in particular, even the slightest opening can be fatal. We believe prevention is better than a cure, so we wanted to choose a strong preventive solution,” says Fukushima.

The bank reviewed its existing security solutions and confirmed what needed to be done. After establishing the need for a solution to secure internal network communications, the bank set about selecting the optimum product. “We strengthened our ‘multilayer’ structure by implementing security solutions at a different layer from our existing solutions. For example, building mechanisms to monitor outbound communications from company network and detect threats from program behavior would enable us to further elevate the overall security level of our system against targeted attacks,” explains Fukushima.

“Deep Discovery combines a number of functions, including visualization of in-house networks, logging, and custom sandboxing to help detect unknown threats. After comparing all products based on the impartial view of the consultants, we were most impressed with Trend Micro’s solution and the well-balanced solution against lateral movement that it provided.”

Solution

When selecting the new solution, Sony Bank worked with an information security consulting firm and assessed a number of products, including those of Trend Micro’s competitors. Once the results were in, the company chose Trend Micro’s Deep Discovery™ Inspector.

“Deep Discovery combines a number of functions, including visualization of in-house networks, logging, and custom sandboxing to help detect unknown threats. After comparing all products based on the impartial view of the consultants, we were most impressed with Trend Micro’s solution and the well-balanced solution against lateral movement that it provided,” says Fukushima.

Sony Bank had been making use of Trend Micro OfficeScan as an endpoint solution for its in-house systems for some time. In the future, the bank is looking forward to the integration between Deep Discovery and OfficeScan to improve overall security by sharing newly discovered threat information between the two products. This integration capability was another major factor in choosing Deep Discovery.

After deciding to adopt Deep Discovery Inspector, Sony Bank requested the system integration (SI) services of ITOCHU Techno-Solutions Corporation (CTC) due to its proven track record in the financial sector. “CTC has experience supporting the deployment of Trend Micro products in many companies. We decided to use the company’s services for the deployment because we expected them to leverage their know-how and expertise about the product and about the financial sector in general,” says Sony Bank’s Natsuko Nishibayashi.

“New threats such as targeted attacks are increasing, and it is not really possible to prevent these kinds of attacks with existing security solutions. It is too late to put security solutions in place after the damage has been done. In the financial sector in particular, even the slightest opening can be fatal. We believe prevention is better than a cure, so we wanted to choose a strong preventive solution.”

Results

Sony Bank’s in-house system consists of two distinct parts: an “OA system” that supports general office works and can access the Internet, and a “Banking system”—a closed system that performs customer management and account processing. The bank now secures both systems with Deep Discovery Inspector. By doing so, it achieves multilayered protection and advanced security for internal networks, and enhancements to its existing endpoint security. “Although it was our company’s first Deep Discovery Inspector implementation, by utilizing our accumulated SI results and our robust relationship with Trend Micro, we were able to complete deployment without any trouble,” explains CTC’s Satoshi Hagiwara of CTC, the supervisor of Deep Discovery deployment. In order to guarantee security, the two in-house systems are completely separated from each other. Therefore even if a malicious program should infiltrate the OA system there is little risk of it spreading to the Banking system. The deployment of Deep Discovery has secured operations even further.

The present operating configuration is roughly as follows. Deep Discovery Inspector constantly monitors the communications of each network. If it detects anything suspicious, it immediately alerts an administrator via email. “After that, the administrator specifies the computer that the communication originated from on the Deep Discovery console. An investigation to determine the cause follows in order to prevent a recurrence,” explains Nishibayashi.

Sony Bank also opted to purchase Trend Micro Premium Support Program. Communication logs are analyzed by Trend Micro, which then issues weekly reports that are used to confirm operational status. “In addition to the improved security provided by Deep Discovery, it’s a great relief to know that Trend Micro, a dedicated security group, is watching over our systems. This has been a major benefit of the deployment,” says Nishibayashi emphatically.

Sony Bank plans to continually enhance the security of its systems for both the customer and its own internal operations in mind.

“This is an era in which no matter how many security solutions you implement, it’s never enough. We are currently examining solutions aimed at server protection and blocking targeted email attacks, in order to build an even stronger system. In the future, we would also like to consider the possibility of launching a security operations center. We have high hopes that Trend Micro will continue offering proposals to support the security aspects of our online banking services,” concludes Fukushima.

“In addition to the improved security provided by Deep Discovery, it’s a great relief to know that Trend Micro, a dedicated security group, is watching over our systems. This has been a major benefitof the deployment.”